MDKSA-2005:155

Problembeschreibung

Integer overflow in pcre_compile.c in Perl Compatible Regular
Expressions (PCRE) before 6.2, as used in multiple products, allows
attackers to execute arbitrary code via quantifier values in regular
expressions, which leads to a heap-based buffer overflow.
The apache2 packages, as shipped, were built using a private copy of pcre.
The updated packages have been rebuilt against the system pcre libs
to correct this problem. 10.1 and 10.2/LE2005 are already built against
the system pcre.